A signature exchange model for heterogeneous intrusion detection systems

Author

Tsai, Dwen-Ren ; Huang, Chien-Ning

Author_Institution

Dept. of Comput. Sci., Chinese Culture Univ., Taipei, Taiwan

fYear

2009

fDate

5-8 Oct. 2009

Firstpage

253

Lastpage

256

Abstract

In this paper, we propose an UML-based generic format set of intrusion signatures for heterogeneous intrusion detecting systems (IDSs) via analyzing signature formats of three popular IDS products. We also propose an attack signature exchange model of heterogeneous IDSs. With this model, an attack signature generated by one IDS could be adopted by different IDSs easily. The proposed XML-based generic signature format set is designed to be extensible, and therefore it should be easy to incorporate new features in the future. When a software vendor releases its software patch packages together with the signatures addressing the potential attacks, the signatures detected can be easily and promptly included into IDSs reported from different vendors using this model.

Keywords

Unified Modeling Language; XML; digital signatures; security of data; software maintenance; software packages; UML-based generic format set; XML-based generic signature; heterogeneous intrusion detection system; software patch package; software vendor; unified modeling language; Computer science; Data analysis; Databases; Face detection; IP networks; Information management; Intrusion detection; Packaging; Software packages; XML; Extensible Markup Language (XML); Intrusion Detection System (IDS); Network Security; attack signature;

fLanguage

English

Publisher

ieee

Conference_Titel

Security Technology, 2009. 43rd Annual 2009 International Carnahan Conference on

Conference_Location

Zurich

Print_ISBN

978-1-4244-4169-3

Electronic_ISBN

978-1-4244-4170-9

Type

conf

DOI

10.1109/CCST.2009.5335528

Filename

5335528